Category: Altered Security

More than 95 percent of the Fortune 500 use Azure today! A huge number of organizations use Azure AD (Entra ID) as an Identity and Access Management platform. This makes it imperative to understand the risks associated with Azure, as it contains an enterprise's infrastructure, apps, identities and a lot more!

In addition to cloud-only identity, the ability to connect on-prem Active Directory, applications and infrastructure to Azure AD brings some very interesting opportunities and risks too. Often complex to understand, this setup of components, infrastructure and identity is a security challenge.


The Evasion lab (Certified Evasion Techniques Professional) is designed to equip information security professionals with the expertise needed to bypass defenses in modern enterprise environments. This course delves deep into the techniques and methodologies used to bypass endpoint countermeasures like EDRs. You will gain a comprehensive understanding of Windows internals, including the distinction between user-mode and kernel-mode components. You will also gain a comprehensive understanding of EDR internals and how telemetry is collected.

Throughout the course, you will learn about Windows Internals, reversing EDRs, bypassing Microsoft Defender for Endpoint (MDE), Elastic EDR and Sysmon, weaponizing kernel exploits for defense evasion, bypassing security controls like Protected Processes (PP), Process Protection Light (PPL), Digital Signature Enforcement (DSE) and Attack Surface Reduction (ASR) rules, incapacitating Event Tracing for Windows (ETW) telemetry, and a lot more.


Cloud Red Team: Attacking and Defending Azure is designed to help security professionals understand, analyze and practice attacks in an enterprise-like live Azure environment that has effective security controls in place. You will be able to practice and sharpen popular tactics, techniques and procedures (TTPs) for Azure environments. In addition, you will learn how to bypass security controls like Advanced Conditional Access Policies, multiple ways to bypass MFA that is enforced using different methods, Privileged Identity Management (PIM) and Microsoft Defender for Cloud. CARTE also focuses on abuse of JWT signing, Family of Client IDs (FOCI), Attribute Based Access Control (ABAC), Temporary Access Password (TAP), Custom Claims, Cross Tenant Access, Azure Lighthouse, Azure ARC, Multi-Cloud Access, Tokens from Office Applications and traffic, and Abuse of Kerberos in Entra ID.


Most enterprise networks today are managed using Active Directory, and it is imperative for a security professional to understand the threats to the Windows infrastructure. The Certified Red Team Expert (CRTE) course and lab is designed to provide a platform for security professionals to understand, analyze and practice threats and attacks against a modern Windows network infrastructure.


Applications are vital components of an enterprise. Hence application security also becomes an integral part of the enterprise network that helps prevent security vulnerabilities against various threats. Currently, most enterprises are leveraging Cloud services to deploy/host their applications. So, it is equally important to secure those applications. The attack surface for the applications deployed/hosted in the cloud changes drastically and varies between cloud service providers. Azure is a cloud service provider that offers multiple cloud services that are very popular in enterprise environments. In this course, we will explore and learn about various enterprise application services offered by Azure like App Service, Function Apps, Enterprise Applications, API Management, Cosmos DB, SQL Server etc. This hands-on class covers abusing application flaws/misconfiguration, features, and interoperability to compromise an enterprise-like live lab environment. Each student gets a dedicated lab! As a bonus, there is a shared lab to practice with fellow students. The class also covers security controls useful in defending against the discussed attacks.


The Certified Red Team Professional (CRTP) is a beginner-friendly, hands-on certification offered by Altered Security. It focuses on teaching security professionals how to assess and enhance the security of Enterprise Active Directory environments. The course covers topics such as Active Directory enumeration, trust mapping, domain privilege escalation, Kerberos-based attacks, SQL server trusts, and defense bypass techniques. Participants can choose between an on-demand course with flexible self-paced learning or an instructor-led bootcamp spanning four weeks. Both options provide access to a lab environment featuring updated Server 2022 machines, comprehensive video courses, lab manuals, and a certification exam attempt. The CRTP certification is valid for three years, with a free renewal process available to keep up with evolving technologies and skills.
